CVE-2025-34193
Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components (PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe) that lack modern compile-time and runtime exploit mitigations and rely on outdated runtimes. These binaries are built as 32-bit, without Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), Control Flow Guard (CFG), or stack-protection, and they incorporate legacy technologies (Pascal/Delphi and Python 2) which are no longer commonly maintained. Several of these processes run with elevated privileges (NT AUTHORITY\SYSTEM for PrinterInstallerClient.exe and PrinterInstallerClientLauncher.exe), and the client automatically downloads and installs printer drivers. The absence of modern memory safety mitigations and the use of unmaintained runtimes substantially increase the risk that memory-corruption or other exploit primitives β for example from crafted driver content or maliciously crafted inputs β can be turned into remote or local code execution and privilege escalation to SYSTEM.Β This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.
| CWE | CWE-755 CWE-1104 |
| Vendor | vasion |
| Product | print virtual appliance host |
| Published | Sep 19, 2025 |
| Last Updated | May 15, 2026 |
Get instant alerts for vasion print virtual appliance host
Be the first to know when new unknown vulnerabilities affecting vasion print virtual appliance host are published β delivered to Slack, Telegram or Discord.